Is php the answer for letting users update certain pages?

[Glen_S]

I built a site, and want to enable a select few users to update some pages, ie. a "news" page of sorts, where they can write to a failry simple text file, ftp it to the site thru a script I have written, and have it display on the page that accesses that file.

I don't know a lot about php, but I do use it for a one-source location for all my links across various pages and it works very slick.

What I'd like to do is have a simple text or php file where the users would enter their text between <> tags (if tags are neccesary) and upload it, this text file is referenced from within a <div> box on a page and whatever is in it will show up in the div box, preferably (but not absolutely neccesary)formatted as per the css stylesheet definition for that div box.

Is php the best way to tackle this?, if so, how? Or should I be looking at a different method?


thanks!

[djr33]

Yup. That's a great use of php.

Here's something I posted the other day:

http://dynamicdrive.com/forums/showt...?t=9940&page=2

that's a thread about a script I wrote for a comments thing. (scroll down to mid-page for the source for the php pages)
It works pretty well... it's simple, but does it's job.

http://ci-pro.com/misc/phptest/comments/ is a test page on my server. Ignore that people seem to have been spamming it.

So... that might be a good way to start coding it. It's got all the code you'll need... just reorganize til it fits what you need.

That'll likely be helpful to you as well.

Not only could you do it through ftp, but you could actually make a form that they could type into... even less work. ftp would work as well, though, if that's preferred.

php.net has lots of documentation on this stuff... see the file handling section, as well as the form processing section if you choose to use a form.

[Glen_S]

Thanks - since I posted this I've played with just putting an include like this:
<!--#include virtual='news.txt'-->
and renamed the html file that will show it so it has an shtml extension. That seems to work, except now my php enabled links no longer show up! Rather than rename all my pages with php extensions I altered my .htaccess files with these lines:

RemoveHandler .html .htm
AddType application/x-httpd-php .php .htm .html"

So may thats why?


Anyway I'll take a boo at your solution and see if that fits. I do only want one user to have access to this however.

[djr33]

The easy answer to only one user having access is just to setup a password.
PHP source can't be viewed.

So...
<form method="post" action="enter.php">
<input type="password" name="password">
<input type="submit">
</form>

On the php page:
<?php if ($_POST['password'] != "blahblah") { die(); } ?>

That will make the page "die" (stop executing any code-- html or php) if the password isn't "blahblah".

[Twey]

$_GET is even easier, you don't even have to bother coding a form

Code:

<?php if(!isset($_GET['blahblah'])) die(); ?>

... then the user just has to access page.php?blahblah to edit.
Of course, that's not an elegant solution at all. But if it's just one person, and you don't really care how it looks to them, that's as good a way as any.

[Glen_S]

Had a look, and what you did almost looks exactly what I want to do, except I want it to have only one entry showing, so each time he updated the page it would delete the previous entry.

[Glen_S]

This is what I have in mind, but I could always hide a link only the person I want to edit this knows about and have him enter on a page rather than a text file I suppose.. saves me writing an ftp batch file as well!

[djr33]

In that script, there is a part where it adds the old contents of the text file to the new contents. Simply make it just replace, insted of add, and that's that. Very easy.

[Glen_S]

Ok, just to get a better feel for this I created 3 pages from your code, starting with formtest.php (index.php in your example),

Code:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Comment Demo</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<div align="center"> 
  <p><font size="+1">Comments Demo:</font></p>
  <table width="80%" border="1" cellspacing="0" cellpadding="5">
    <tr>
      <td align="left">
          <?php
               if ($file = @file_get_contents("comments.phpdata")) {
                echo $file."\n";
                }
            else {echo "Sorry, but no comments were found.";}
        ?>
      </td>
    </tr>
  </table>
  <p><a href="formtest2.php">Add Comment</a></p>
</div>
</body>
</html>

formtest2.php (your add.php)

Code:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Add Comment Demo</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<div align="center"> 
  <p><font size="+1">Add Comment Demo:</font></p>
<form name="form1" method="post" action="formtest3.php">
    Name: <input name="name" type="text"> -- Email: <input name="email" type="text"><br>
    <textarea name="comment" cols="60" rows="10"></textarea><br>
    <input type="submit" value="submit"> - <input type="reset" value="reset">
    </form>
    <a href="formtest.php">Back</a>
</div>
</body>
</html>

and formtest3.php (your sent.php)

Code:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<?php
$filename = "comments.phpdata";
if ($name = stripslashes($_POST['comment'])) {
    $comment = str_replace("<","&lt;",$comment); //security
    $comment = str_replace(">", "&gt;", $comment); //security
    if ($email = stripslashes($_POST['email'])) {
        $email = str_replace("<","&lt;",$email); //security
        $email = str_replace(">", "&gt;", $email); //security
        $email = "<a href=\"mailto:".$email."\">".$email."</a>";
        }
    else {
        $email = "(No Email supplied.)";
        }
    $name = stripslashes($_POST['name']);
    $name = str_replace("<","&lt;",$name); //security
    $name = str_replace(">", "&gt;", $name); //security
    if (!$name) {
        $name = "<i>Anonomous</i>";
        }
    $hr = "";    
    if (strlen(@file_get_contents($filename)) > 0) $hr = "\n<hr>";
    $add = $hr."Posted by: <b>".$name."</b> -- ".$email."<br>".$comment;
    $comments = @file_get_contents($filename).$add;
    $file = @fopen($filename, "w+");
    @fwrite($file, $comments);
    @fclose($file);
    $message = "Your comment was successfully added.<br>Redirecting to formtest.php";
    }
else {
    $message = "You either entered no data or it was entered incorrectly.<br>Redirecting to formtest.php";
    }
?>
<html>
<head>
<title>Comment Added Demo</title>
<meta http-equiv="refresh" content="3;url=formtest.php">
</head>
<body>
<div align="center"> 
<p><font size="+1">Comment Added Demo:</font></p>
<?php echo $message; ?>
</div>
</body>
</html>

not sure if I was supposed to, but I created a blank file "comments.phpdata" and uploaded it as well.

All seems ok except that it displays nothing when it redirects back to the first page, I must have missed something.. check it out here